Moonduv

Everything posted by Moonduv

  1. It is working, thanks so much! Thanks to your support, I plan on getting a paid subscription. Can you please tell me whether Malwarebytes can replace a standard antivirus program (Norton, for example), in its entirety? Does it provide virus protection and fixes in addition to adware / malware protection? How about live protection and on demand protection for both? Thank you very much!
  2. Hi - Here is the log:

     Rkill 2.9.1 by Lawrence Abrams (Grinler)
     http://www.bleepingcomputer.com/
     Copyright 2008-2017 BleepingComputer.com
     More Information about Rkill can be found at this link:
     http://www.bleepingcomputer.com/forums/topic308364.html

     Program started at: 10/16/2017 07:39:27 AM in x64 mode.
     Windows Version: Windows 10 Home

     Checking for Windows services to stop:
      * No malware services found to stop.

     Checking for processes to terminate:
      * No malware processes found to kill.

     Checking Registry for malware related settings:
      * No issues found in the Registry.

     Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

     Performing miscellaneous checks:
      * Windows Defender Disabled
        [HKLM\SOFTWARE\Microsoft\Windows Defender]
        "DisableAntiSpyware" = dword:00000001

     Searching for Missing Digital Signatures:
      * No issues found.

     Checking HOSTS File:
      * No issues found.

     Program finished at: 10/16/2017 07:42:11 AM
     Execution time: 0 hours(s), 2 minute(s), and 44 seconds(s)

     Thanks
  3. Certainly! Here is the error with Microsoft Edge:

     Hmmm...can’t reach this page
     Try this
     This website might be marked as work-related by your organization. Try to access this link in a new Microsoft Edge window outside of Windows Defender Application Guard.
     Make sure you’ve got the right web address: https://www.msn.com
     Search for "https://www.msn.com" on Bing
     Refresh the page
     Details

     And here is the error with the Store: "check your connection. The Store needs to be online. You look like you are not."
  4. Thank you Yoan. I have already installed Malwarebytes, and believe I have posted the correct logs, so can move onto the next step. Can you please confirm? Thank you.
  5. Hello - I received several notices from Norton that there was a large volume of outbound traffic, so I installed the latest version of Malwarebytes and ran a scan. The results came back with several potentially malicious finds, which I quarantined. This left me unable to use Microsoft Edge browser and any of my apps/programs that leverage this (the Microsoft store, for example). I attempted to undo the quarantine, which did not fix the problem, so I ran the scan again and repeated the quarantine. The Firefox browser is still working. I've pasted a copy of the Quarantine Report below. Can you please provide assistance?